
Accepted cron 3.0pl1-133 (source) into unstable



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 10 Mar 2019 17:49:18 +0100
Source: cron
Architecture: source
Version: 3.0pl1-133
Distribution: unstable
Urgency: medium
Maintainer: Javier Fernández-Sanguino Peña <jfs@debian.org>
Changed-By: Christian Kastner <ckk@debian.org>
Closes: 801328 809167 893575 893579
Changes:
 cron (3.0pl1-133) unstable; urgency=medium
 .
   * SECURITY: Fix bypass of /etc/cron.{allow,deny} on failure to open
     If these files exist, then they must be readable by the user executing
     crontab(1). Users will now be denied by default if they aren't.
     (LP: #1813833)
   * SECURITY: Fix for possible DoS by use-after-free
     A user reported a use-after-free condition in the cron daemon, leading to a
     possible Denial-of-Service scenario by crashing the daemon.
     (Closes: #809167)
   * SECURITY: DoS: Fix unchecked return of calloc()
     Florian Weimer discovered that a missing check for the return value of
     calloc() could crash the daemon, which could be triggered by a very
     large crontab created by a user.
   * Enforce maximum crontab line count of 1000 to prevent a malicious user
     from creating an excessively large crontab. The daemon will log a warning
     for existing files, and crontab(1) will refuse to create new ones.
   * Add d/NEWS alerting to the new 1000 lines limit.
   * Move /var/run/crond.reboot to /run/crond.reboot.
   * crontab.5: Reverse the info on tilde expansion. When setting PATH, most
     shells will not expand a tilde. Thanks, Tim Landscheidt, for the analysis.
     (Closes: #801328)
   * Fixes for numerous man page issues. Remove trailing whitespace, use proper
     escapes, etc. Thanks, Bjarni Ingi Gislason! (Closes: #893575, #893579)
   * crontab.1: Drop duplicate DIAGNOSTICS header.
   * daemon: Only support the 'x' debug option in debug builds.

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
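
The first SECURITY entry in the changelog above describes a fail-closed rule: an allow or deny file that exists but cannot be opened must result in a denial rather than being treated as absent. The C sketch below is an added example, not code from the cron package; the function names, the path parameters, and the allow-all result when neither file exists are assumptions made for illustration.

```c
/* Added sketch, not Debian cron's source: the allow/deny decision with
 * open failures treated as a denial. Paths are parameters (an assumption)
 * so the logic can be exercised on scratch files. */
#include <errno.h>
#include <stdio.h>
#include <string.h>

enum list_state { LIST_ABSENT, LIST_OPEN, LIST_ERROR };

/* Open a list file, telling "does not exist" apart from any other failure. */
static enum list_state open_list(const char *path, FILE **fp)
{
    *fp = fopen(path, "r");
    if (*fp != NULL)
        return LIST_OPEN;
    return errno == ENOENT ? LIST_ABSENT : LIST_ERROR;
}

/* Return 1 if user appears alone on a line of fp, else 0. */
static int in_list(const char *user, FILE *fp)
{
    char line[256];
    while (fgets(line, sizeof line, fp) != NULL) {
        line[strcspn(line, "\r\n")] = '\0';
        if (strcmp(line, user) == 0)
            return 1;
    }
    return 0;
}

/* 1 = user may use crontab, 0 = denied. */
int crontab_allowed(const char *user, const char *allow_path,
                    const char *deny_path)
{
    FILE *allow = NULL, *deny = NULL;
    enum list_state a = open_list(allow_path, &allow);
    enum list_state d = open_list(deny_path, &deny);
    int ok;

    if (a == LIST_ERROR || d == LIST_ERROR)
        ok = 0;                     /* open failed for a reason other than ENOENT: deny */
    else if (a == LIST_OPEN)
        ok = in_list(user, allow);  /* allow list present: user must be listed */
    else if (d == LIST_OPEN)
        ok = !in_list(user, deny);  /* only a deny list: user must not be listed */
    else
        ok = 1;                     /* neither file exists (assumed default: allow) */

    if (allow) fclose(allow);
    if (deny) fclose(deny);
    return ok;
}
```

The vulnerable pattern is the same function without the `LIST_ERROR` branch, where a failed `fopen()` of an existing file falls through to the "file absent" case.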

